Validate the Project
To check your application program for adherence to the specification, you must generate a suitable set of test cases that cover the application. The set of test cases must be documented and retained as the test specification. To determine what to validate for your specific application, refer to IEC 61508 or your industry-specific safety standard.
You must include a set of tests to prove the validity of your application logic. These are tests within the defined value ranges, at the limits, and in invalid value ranges. The necessary number of test cases depends on the safety application.
Active validation with field devices must also be included, as it is the only way to verify that the sensors and actuators in the system are wired correctly. Verify the operation of programmed functions by manipulating sensors and actuators manually.
You must also include tests to verify the reaction to wiring faults and network communication faults.
Project validation includes tests of fault routines, and input and output channels, to be sure that the safety system operates properly.
To perform a project validation test on the controller, you must perform a full test of your application. You must activate each sensor and actuator that is involved in every safety function. Be sure to test all shutdown functions, because these functions may not be exercised during normal operation.
Also, know that a project validation test is valid only for the specific application tested. If the safety application is moved to another installation, you must perform startup and project validation on the safety application in the context of the new sensors, actuators, wiring, networks, and control system physical equipment.
Revalidation Considerations
The IEC 61508 functional safety standard requires an impact analysis before you upgrade or modify components in a certified, functional safety system. Reference the standard to make sure that you fulfill all requirements as they relate to your application. Consider the following high-level information for impact analysis of safety controller software, hardware, and firmware modification:
- All major and minor firmware releases for safety controller systems are certified for use in safety applications. As part of the certification process, Rockwell Automation tests the safety-related firmware functions, such as the CIP Safety™ communication subsystems, embedded safety instruction execution, and safety-related diagnostic functions. The firmware release notes identify changes to safety-related functions.
- Perform an impact analysis of the planned modifications.
- Review the firmware release notes for changes in safety-related functionality.
- Review the hardware and firmware compatibility in the Product Compatibility and Download Center (PCDC) to identify potential compatibility conflicts.
- Plan, analyze, and document the impact of any modification, enhancement, or adaptation of your validated safety system.
- As part of the upgrade process, remove and regenerate the safety signature.
- Based on the results of the safety impact analysis, choose the appropriate level of hardware and software revalidation. Use the Safety Signature report to determine which safety elements have been modified and require revalidation. If your validation plan does not require revalidation of unchanged elements, your certification effort can be reduced.